漏洞类别：OEL 漏洞等级： 漏洞信息 Oracle Enterprise Linux has released security update for php to fix the vulnerabilities. Affected Products: Oracle Linux 7 漏洞危害 PHP through 7.0.8 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not…

漏洞类别：OEL 漏洞等级： 漏洞信息 Oracle Enterprise Linux has released security update for qemu-kvm to fix the vulnerabilities. Affected Products: Oracle Linux 7 漏洞危害 Integer overflow in the VGA module in QEMU allows local guest OS users to cause a denial of service (out-of…

漏洞类别：OEL 漏洞等级： 漏洞信息 Oracle Enterprise Linux has released security update for mariadb to fix the vulnerabilities. Affected Products: Oracle Linux 7 漏洞危害 Successful exploitation allows local users to affect integrity and availability via vectors related to DML. …

漏洞类别：RedHat 漏洞等级： 漏洞信息 The kernel packages contain the Linux kernel, the core of any Linux operating system. It was found that the RFC 5961 challenge ACK rate limiting as implemented in the Linux kernel's networking subsystem allowed an off-path attacker to le…

漏洞类别：RedHat 漏洞等级： 漏洞信息 The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. It was found that the RFC 5961 challenge ACK rate limiting as implemented in the Linux kernel'…

漏洞类别：RedHat 漏洞等级： 漏洞信息 The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. It was found that the RFC 5961 challenge ACK rate limiting as implemented in the Linux kernel'…

漏洞类别：RedHat 漏洞等级： 漏洞信息 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and librarie…

漏洞类别：Ubuntu 漏洞等级： 漏洞信息 It was discovered that PostgreSQL incorrectly handled certain nested CASE/WHEN expressions. It was discovered that PostgreSQL incorrectly handled special characters in database and role names. 漏洞危害 A remote attacker could possibly use th…

漏洞类别：Ubuntu 漏洞等级： 漏洞信息 It was discovered that Libgcrypt incorrectly handled mixing functions in the random number generator. 漏洞危害 An attacker able to obtain 4640 bits from the RNG can trivially predict the next 160 bits of output. 解决方案 Refer to Ubuntu advisory…

洞类别：Ubuntu 漏洞等级： 漏洞信息 It was discovered that GnuPG incorrectly handled mixing functions in the random number generator. 漏洞危害 An attacker able to obtain 4640 bits from the RNG can trivially predict the next 160 bits of output. 解决方案 Refer to Ubuntu advisory USN-…

漏洞类别：Web server 漏洞等级： 漏洞信息 Oracle GlassFish Server is an implementation of Java Platform, Enterprise Edition (Java EE) 6 specification. An unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 3.0.1 and 3.1.2 allows rem…

漏洞类别：CGI 漏洞等级： 漏洞信息 phpMyAdmin is a free software tool written in PHP and intended to handle the administration of MySQL over the Internet. A vulnerability was discovered in the libraries/central_columns.lib.php source file that allows an SQL injection attack …

漏洞类别：SUSE 漏洞等级： 漏洞信息 Suse has released security update for cracklib to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Desktop 12-SP1 漏洞危害 This vulnerab…

漏洞类别：SUSE 漏洞等级： 漏洞信息 Suse has released security update for python to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Workstation Extension 12-SP1 SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server 12-SP1 SUSE L…

漏洞类别：SUSE 漏洞等级： 漏洞信息 Suse has released security update for the linux kernel to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Workstation Extension 12-SP1 SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server 12-…

漏洞类别：CGI 漏洞等级： 漏洞信息 A vulnerability in the IPv6 packet decode function of the Cisco Network Analysis Module (NAM) could allow an unauthenticated, remote attacker to cause a denial of service condition. The vulnerability is due to an improper calculation of the…

漏洞类别：CGI漏洞等级： 漏洞信息 Symantec Web Gateway is a web security gateway appliance. Symantec Web Gateway is exposed to multiple security issues: 1) The application improperly validates input passed via the "filename" parameter to spywall/pbcontrol.php. 2) Input passe…

漏洞概述 zabbix是一个开源的企业级性能监控解决方案。 漏洞等级：  官方网站：http://www.zabbix.com zabbix的jsrpc的profileIdx2参数存在insert方式的SQL注入漏洞，攻击者无需授权登陆即可登陆zabbix管理系统，也可通过script等功能轻易直接获取zabbix服务器的操作系统权限。 影响程度 攻击成本：低 危害程度：高 是否登陆：不需要 影响范围：2.2.x, 3.0.0-3.0.3。（其他版本未经测试） 漏洞测试 在您的zabbix的地址后面加上如下url：…

漏洞类别：Hardware 漏洞等级： 漏洞信息 Checkpoint security gateway is an integrated software solution that provides connectivity to corporate networks, branch offices and business partners via a secure channel. Multiple unspecified vulnerabilities exists in the Check Point …

漏洞类别：Ubuntu 漏洞等级： 漏洞信息 It was discovered that OpenSSH incorrectly handled password hashing when authenticating non-existing users. It was discovered that OpenSSH did not limit password lengths. 漏洞危害 A remote attacker could perform a timing attack and enumerate…

漏洞类别：CGI 漏洞等级： 漏洞信息 A vulnerability in the Cisco Unified Computing System (UCS) Platform Emulator could allow an authenticated, local attacker to perform a command injection attack. The vulnerability occurs because the affected system improperly handles ucspe-…

漏洞类别：Cisco漏洞等级： 漏洞信息 A vulnerability in the Cisco Adaptive Security Appliance (ASA) Software implementation of access control list (ACL) permit and deny filters for ICMP Echo Reply messages could allow an unauthenticated, remote attacker to bypass ACL configur…

漏洞类别：SUSE漏洞等级： 漏洞信息 Suse has released security update for chromium to fix the vulnerabilities. Affected Products: openSUSE 13.1 漏洞危害 Successful exploitation allows attacker to compromise the system. 解决方案 Upgrade to the latest packages which contain a patch. To…

漏洞类别：SUSE漏洞等级： 漏洞信息 Suse has released security update for dropbear to fix the vulnerabilities. Affected Products: openSUSE 13.1 漏洞危害 Successful exploitation allows attacker to compromise the system. 解决方案 Upgrade to the latest packages which contain a patch. To…

漏洞类别：SUSE漏洞等级： 漏洞信息 Suse has released security update for go to fix the vulnerabilities. Affected Products: openSUSE 13.2 漏洞危害 Successful exploitation allows attacker to compromise the system. 解决方案 Upgrade to the latest packages which contain a patch. To insta…